Wireless LAN in a big city + networking question

Guest
Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I am interested in setting up a mobile Wireless LAN in New York.

The idea is that you have one or possibly more cars with access points
where people external to the vehicle would need access. Think of this
in the context of a fire, where different people around the scene need
access. I am not concerned with external net access, just a LAN. So I'm
just fishing for opinions.

Do you think that a single access point with a signal booster would
cover a large city block? Am I completely nuts? (Probably) What would
be a better solution?

If there are multiple WAPs at various points around, is it possible to
retain transparent connectivity if the person is moving from one WAP to
another?

Right now I have a WRT54G with the default firmware, would upgrading it
make a difference? I know there is a pretty active dev group for this
little guy. Opinions?

-----------------------------------

One more question (only marginally related) if a computer running XP
has two network devices (one CDMA for external internet connectivity
and one for the wireless LAN) is there a way to lock the route table?
I can get this to work no problem by messing around with the table
(adding and deleting routes) but I am not able to lock those settings
in, they get trounced when one or both network devices are
disconnected.

In other words if I never want the default route to be on the wireless
device, is that possible? I ONLY want the wireless card to access
192.168.1.* network.

I know this is a lot to ask, but I would appreciate any response. If
there is a book that I should be reading related to the above, please
point me in the right direction. I am just trying to learn as much as
possible before I start making purchase requests.

Katie
 
Guest

"Katie Baynes" <ktbaynes@gmail.com> wrote in
news:1123264961.844836.281070@g44g2000cwa.googlegroups.com:

> I am interested in setting up a mobile Wireless LAN in New York.
>
> The idea is that you have one or possibly more cars with access points
> where people external to the vehicle would need access. Think of this
> in the context of a fire, where different people around the scene need
> access. I am not concerned with external net access, just a LAN. So I'm
> just fishing for opinions.
>
> Do you think that a single access point with a signal booster would
> cover a large city block? Am I completely nuts? (Probably) What would
> be a better solution?
>
> If there are multiple WAPs at various points around, is it possible to
> retain transparent connectivity if the person is moving from one WAP to
> another?
>
> Right now I have a WRT54G with the default firmware, would upgrading it
> make a difference? I know there is a pretty active dev group for this
> little guy. Opinions?
>
> -----------------------------------
>
> One more question (only marginally related) if a computer running XP
> has two network devices (one CDMA for external internet connectivity
> and one for the wireless LAN) is there a way to lock the route table?
> I can get this to work no problem by messing around with the table
> (adding and deleting routes) but I am not able to lock those settings
> in, they get trounced when one or both network devices are
> disconnected.
>
> In other words if I never want the default route to be on the wireless
> device, is that possible? I ONLY want the wireless card to access
> 192.168.1.* network.
>
> I know this is a lot to ask, but I would appreciate any response. If
> there is a book that I should be reading related to the above, please
> point me in the right direction. I am just trying to learn as much as
> possible before I start making purchase requests.
>
> Katie
>
>

Hi Katie --

I can address one aspect of your query, which is how to deploy wireless so
that users are not prompted for credentials each time they encounter a new
access point.

I am assuming that you want to deploy wireless in a secure manner, which
means that the signal is encrypted and users must log on in order to access
the LAN.

In this scenario you will need a centralized user accounts database such as
that provided by Active Directory.

So the approach I would use is to have a laptop running Windows Server 2003
with the following components installed:

Active Directory
Internet Authentication Service (AKA Microsoft RADIUS)
DHCP
DNS
WINS

In order to provide single sign-on, strong security, and to prevent users
from having to reauthenticate if they encounter a new access point (which
by the way have a range, generally speaking, of about 300 feet -- there may
be others with a longer range, I don't know), you would deploy PEAP-MS-CHAP
v2 as your authentication method, and you would enable the PEAP Fast
Reconnect feature of this auth method.

When you deploy PEAP (which you configure in IAS remote access policy and
on clients, which you can configure automatically if you use Group Policy),
the IAS server caches properties of the client during the first
authentication in an object called a TLS handle. If the client roams to
another access point that is also configured as a RADIUS client at the same
IAS server (this is an important point), the IAS server uses the cached TLS
handle to authenticate the user/computer, so the user is not prompted for
credentials. I have discussed this feature with people in the medical
profession and they love not having to stop what they are doing to reenter
their credentials.

Another advantage of PEAP is that users supply password-based credentials,
but client computers also authenticate the IAS server with the IAS server
certificate -- mutual authentication prevents some man-in-the-middle
attacks that might be likely out on the street.

If you are interested in investigating further, you can find whitepapers
and other interesting documentation at
http://www.microsoft.com/windowsserver2003/technologies/ias/default.mspx

The deployment whitepaper for this scenario is aimed at Enterprises but you
can easily scale it down to your scenario. It is "Enterprise Deployment of
Secure 802.11 Networks Using Microsoft Windows."

PEAP is discussed in "The Advantages of Protected Extensible Authentication
Protocol (PEAP)."

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Guest

On 5 Aug 2005 11:02:41 -0700, Katie Baynes wrote:

> One more question (only marginally related) if a computer running XP
> has two network devices (one CDMA for external internet connectivity
> and one for the wireless LAN) is there a way to lock the route table?
> I can get this to work no problem by messing around with the table
> (adding and deleting routes) but I am not able to lock those settings
> in, they get trounced when one or both network devices are
> disconnected.
>
> In other words if I never want the default route to be on the wireless
> device, is that possible? I ONLY want the wireless card to access
> 192.168.1.* network.
>
> I know this is a lot to ask, but I would appreciate any response. If
> there is a book that I should be reading related to the above, please
> point me in the right direction. I am just trying to learn as much as
> possible before I start making purchase requests.

Use the -p switch when you run the "route add" command. The -p switch makes
the added route "persistent" across reboots.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
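
Added example, not part of the post above or of the thread: a Python check that reads "route print" output from the dual-homed XP machine and reports whether a default route sits on the wireless adapter and whether the 192.168.1.0 route is persistent. The sample output, the adapter addresses and the 192.168.1.1 gateway are constructed assumptions.

```python
import ipaddress

# Constructed sample in the layout of "route print" on Windows XP.
# Assumed addresses: CDMA adapter 10.20.30.40, wireless adapter 192.168.1.101.
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.64.64.64     10.20.30.40       1
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.101      25
      192.168.1.0    255.255.255.0    192.168.1.101   192.168.1.101      25
Default Gateway:       10.64.64.64
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      192.168.1.0    255.255.255.0      192.168.1.1       1
"""

# The LAN named in the question; a route pinned with, for example,
# "route -p add 192.168.1.0 mask 255.255.255.0 192.168.1.1" (gateway assumed).
WLAN = ipaddress.ip_network("192.168.1.0/24")


def _is_ip(field):
    try:
        ipaddress.ip_address(field)
        return True
    except ValueError:
        return False


def parse(text):
    """Return (active, persistent) route rows as lists of fields."""
    active, persistent, section = [], [], None
    for line in text.splitlines():
        if line.startswith("Active Routes"):
            section = active
        elif line.startswith("Persistent Routes"):
            section = persistent
        fields = line.split()
        # Data rows begin with a dotted-quad destination and netmask.
        if section is not None and len(fields) >= 4 and all(map(_is_ip, fields[:2])):
            section.append(fields)
    return active, persistent


def audit(text, wlan=WLAN):
    """List findings: default route on the WLAN adapter, or LAN route not pinned."""
    active, persistent = parse(text)
    findings = [f"default route via wireless interface {r[3]} (gateway {r[2]})"
                for r in active
                if r[:2] == ["0.0.0.0", "0.0.0.0"] and ipaddress.ip_address(r[3]) in wlan]
    if not any(ipaddress.ip_network(f"{r[0]}/{r[1]}", strict=False) == wlan
               for r in persistent):
        findings.append(f"no persistent route for {wlan}")
    return findings
```

Running audit() again after each adapter reconnect shows whether the wireless default route has come back.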
 
Guest

"Katie Baynes" <ktbaynes@gmail.com> wrote in message news:1123264961.844836.281070@g44g2000cwa.googlegroups.com...
> Do you think that a single access point with a signal booster would
> cover a large city block? Am I completely nuts? (Probably)

Hmm, maybe you're right here.

> What would be a better solution?

There already are some well-established providers of fast-deployment WLAN services
(by the way - don't call this "mobile" - it isn't).
Try to find them, study, and see how you can provide a competitive service.

Good luck
--PA